Vulnerabilities > Dell > Medium

DATE CVE VULNERABILITY TITLE RISK
2021-06-14 CVE-2021-21557 Out-of-bounds Read vulnerability in Dell products
Dell PowerEdge Server BIOS and select Dell Precision Rack BIOS contain an out-of-bounds array access vulnerability.
local
low complexity
dell CWE-125
6.7
2021-06-08 CVE-2021-21558 Information Exposure Through Log Files vulnerability in Dell EMC Networker
Dell EMC NetWorker, 18.x, 19.1.x, 19.2.x 19.3.x, 19.4 and 19.4.0.1, contains an Information Disclosure vulnerability.
local
low complexity
dell CWE-532
4.4
2021-06-08 CVE-2021-21559 Improper Certificate Validation vulnerability in Dell EMC Networker
Dell EMC NetWorker, versions 18.x, 19.1.x, 19.2.x 19.3.x, 19.4, and 19.4.0.1 contain an Improper Certificate Validation vulnerability in the client (NetWorker Management Console) components which uses SSL encrypted connection in order to communicate with the application server.
high complexity
dell CWE-295
5.3
2021-05-06 CVE-2021-21527 OS Command Injection vulnerability in Dell EMC Powerscale Onefs 9.0.0.0/9.1.0.0
Dell PowerScale OneFS 8.1.0-9.1.0 contain an improper neutralization of special elements used in an OS command vulnerability.
local
low complexity
dell CWE-78
6.7
2021-05-06 CVE-2021-21550 OS Command Injection vulnerability in Dell EMC Powerscale Onefs
Dell EMC PowerScale OneFS 8.1.0-9.1.0 contain an improper neutralization of special elements used in an OS command vulnerability.
local
low complexity
dell CWE-78
6.7
2021-04-30 CVE-2021-21547 Cleartext Storage of Sensitive Information vulnerability in Dell products
Dell EMC Unity, UnityVSA, and Unity XT versions prior to 5.0.7.0.5.008 contain a plain-text password storage vulnerability when the Dell Upgrade Readiness Utility is run on the system.
local
low complexity
dell CWE-312
6.7
2021-04-30 CVE-2021-21543 Cross-site Scripting vulnerability in Dell Idrac9 Firmware
Dell EMC iDRAC9 versions prior to 4.40.00.00 contain multiple stored cross-site scripting vulnerabilities.
network
low complexity
dell CWE-79
4.8
2021-04-30 CVE-2021-21542 Cross-site Scripting vulnerability in Dell Idrac9 Firmware
Dell EMC iDRAC9 versions prior to 4.40.10.00 contain multiple stored cross-site scripting vulnerabilities.
network
low complexity
dell CWE-79
4.8
2021-04-30 CVE-2021-21541 Cross-site Scripting vulnerability in Dell Idrac9 Firmware
Dell EMC iDRAC9 versions prior to 4.40.00.00 contain a DOM-based cross-site scripting vulnerability.
network
low complexity
dell CWE-79
6.1
2021-04-30 CVE-2021-21537 Information Exposure vulnerability in Dell Hybrid Client 1.0/1.1/1.1.01
Dell Hybrid Client versions prior to 1.5 contain an information exposure vulnerability.
local
low complexity
dell CWE-200
5.5